Jobs · Information Technology · Illinois

Director & Chief Information Security Officer

Loyola University Chicago · Chicago, IL · 3 mo ago
Information TechnologyFull-time

Position Details

Duties and Responsibilities

Qualifications

Certificates/Credentials/Licenses

Computer Skills

About Loyola University Chicago

Special Instructions to Applicants

  • Position Overview: The Director & Chief Information Security Officer (CISO) will be responsible for overseeing the development, implementation, and use of information security and cybersecurity resources and practices throughout the organization. This position will play a crucial role in guiding the university’s strategic IT initiatives to enhance productivity, efficiency, and security.
  • Strategic Oversight: Develop and implement an IT strategy that aligns with the organization’s business goals and objectives, ensuring the efficient and secure operation of all IT systems and processes.
  • Leadership and Management: Lead and manage the IT department and/or unit, including hiring, training, and developing IT staff. Foster a culture of innovation, collaboration, and continuous improvement.
  • Innovation and Emerging Technologies: Stay current with industry trends and emerging technologies, evaluating their potential impact on the organization and recommending strategic investments.
  • Budgeting and Cost Control: Develop and manage the UISO’s budget, ensuring cost-effective use of resources and adherence to financial goals.
  • Compliance and Risk Management: Ensure the organization’s IT systems comply with relevant regulations and standards, managing risks associated with technology use.
  • Relationship Management: Establish and maintain relationships with IT vendors and service providers, negotiating contracts and ensuring the delivery of quality services.
  • Provide strategic and operational leadership of all functions for University Information Security Office (UISO).
  • Support Loyola’s mission and strategy by supporting the ITS core values of service excellence for university strategic initiatives and continuous development/improvement.
  • Create and manage the university’s information security program and establish relevant security metrics.
  • Acts as an independent reviewer to ensure that technology compliance issues and concerns within Loyola University Chicago are being appropriately evaluated, investigated and resolved.
  • Coordinates the creation, testing and execution of business continuity and disaster recovery plans across the Loyola University Chicago departments and schools.
  • Regularly communicate in writing and in-person to end users and resource contributors about the state of information security, security expectations and on-going information risk status.
  • Identify staff development/training plans, as well as succession planning, for the UISO staff.
  • Participate in relevant professional activities, including involvement in university-wide and participation in external professional organizations.
  • Perform other duties as required.

Minimum Education and/or Work Experience

  • Master’s degree in Management Information Systems, Computer Science or Engineering or equivalent experience.
  • At least 10 years of experience in information security and/or network/security management.
  • At least 7 years of experience in managing information security, technology risk or compliance personnel.
  • Proven experience with technology risk assessment and regulatory compliance, such as FERPA, GLBA, HIPAA, PCI DSS, DMCA, GDPR, Illinois Personal Information Protection Act, and similar regulations.
  • Familiarity with security concepts such as defense-in-depth, the principle of least privilege, access controls, risk management, and mitigating controls required.
  • Demonstrated skills related to business continuity and disaster recover planning.
  • Experience in Higher Education is a plus, but not required.
  • Experience with IT frameworks such as NIST or the ISO 27000 series is a plus, but not required.

Qualifications

  • Excellent communication (oral, written, presentation), interpersonal and consultative skills to work effectively with vendors, clients, peers, and ITS management and staff.
  • Core consulting skills such as business writing, presenting, and analytic comparisons.
  • Ability to communicate technical concepts and solutions to both technical and non-technical audiences.
  • Strong analytical and problem solving skills.
  • Detail oriented, results focused, and able to support change management initiatives.
  • Synthesizes complex or diverse information; Generates creative solutions; Identifies and resolves problems in a timely manner; Gathers and analyzes information skillfully; Develops alternative solutions; Works well in both group and individual problem solving situations. Looks for ways to improve and promote quality; Responds promptly to customer needs; Solicits customer feedback to improve service; Responds to requests for service and assistance.
  • Attitude and strong work ethic; Ability to work independently and in team settings; Focuses on solving conflict, not blaming; Maintains confidentiality and follows ITS and other university policies regarding data security and protection; Balances team and individual responsibilities; Contributes to building a positive team spirit; Effectively influences actions and opinions of others; Strives to continuously build knowledge and skills; Shares expertise with others.
  • Collaborates information security concepts with both technical and non-technical individuals; Possesses the ability to explain and gain concurrence on information security concepts.
  • Diversity – Shows respect and sensitivity for cultural differences; educates others on the value of diversity.
  • Treats people with respect; Works with integrity and ethically; handles sensitive and confidential issues and materials appropriately.
  • Supports organization’s goals and values; Develops strategies to achieve organizational goals; Adapts strategy to changing conditions; Includes appropriate people in decision-making process; Strong administrative and organizational skills.

Certificates/Credentials/Licenses

  • CISSP or CISM certification required.
  • GIAC certifications are a plus, but not required.

Computer Skills

  • Demonstrated competence related to network and web application firewalls, intrusion prevention, security monitoring, multi-factor authentication, data loss prevention, data encryption/transfer, email and end-user security, log management and security incident and event management technologies.
  • Proficient in Microsoft applications.

About Loyola University Chicago

  • Founded in 1870, Loyola University Chicago is one of the nation’s largest Jesuit, Catholic universities, recognized for its academic excellence, commitment to community engagement, and leadership in sustainability.
  • A Carnegie R1 research institution, Loyola leverages its status as one of an elite group of universities with the highest level of research activity to advance knowledge that serves communities and creates global impact.
  • Loyola operates three primary campuses in the greater Chicago area and one in Rome, Italy, that provide students a transformative, globally connected learning experience.
  • Loyola is consistently ranked among the nation’s top universities by U.S. News & World Report, is a STARS Gold-rated institution that is ranked as one of the country’s most sustainable campuses by The Princeton Review, and has earned distinctions from AmeriCorps and the Carnegie Foundation for its longstanding record of service and community engagement.
  • Loyola educates ethical leaders who think critically, act with purpose, and strive to create a more just and sustainable world.
  • Loyola University Chicago strives to be an employer of choice by offering its staff and faculty a wide array of affordable, comprehensive, and competitive benefits.

Similar jobs

Chief Information Security Officer

Public Company Accounting Oversight Board (PCAOB)New York, NY· 2 mo ago
Information Technology$248k–$400k/yrapply on pcaobus.wd503.myworkdayjobs.com